- PasswordsM.RLock()
- auther, ok := Passwords[username]
- PasswordsM.RUnlock()
- if !ok || !auther.Auth(password) {
- log.Println(r.RemoteAddr, "unauthenticated", username)
- http.Error(w, "unauthenticated", http.StatusUnauthorized)
+ if user.ro {
+ log.Println(r.RemoteAddr, "ro user", user.name)
+ http.Error(w, "unauthorised", http.StatusUnauthorized)